Siemens updates some medical scanners to prevent malware infection

8 August 2017
A week earlier, the U.S. Department of Homeland Security issued a security notice warning that "an attacker with a low skill would be able to exploit these vulnerabilities" using known weaknesses that exist in older Windows software. The Siemens spokesman insisted that no evidence of any attack has been found, the upgrade is a preventive measure.

Siemens' action provides more evidence of a growing focus on preventing cyber attacks on medical equipment, which for years ranked low on the list of potential hacking targets, Reuters writes. The vulnerabilities identified by Siemens daughter Healthineers were in its PET (positron emission tomography) scanners that run on Microsoft Windows 7 (MSFT.O), which could be exploited remotely.
Initially, Siemens advised hospital and other medical customers to disconnect the scanners until a update was released. Last Monday the company spokesman said that after further review, it no longer believed disconnecting the scanners was necessary.

"Based on the existing controls of the devices and use conditions, we believe the vulnerabilities do not result in any elevated patient risk," Siemens said. "To date, there have been no reports of exploitation of the identified vulnerabilities on any system installation worldwide."

Indirect infections

Large imaging machines such as PET scanners are usually not directly connected to the Internet but to clinical IT systems, which can be infected, for example, by an email attachment sent to a different part of the system.

Hospitals in general are badly protected against hacking, partly because of underfunding and partly because some older medical machines are not compatible with the latest versions of software operating systems. That made the global WannaCry ransomware attack last May successfully infecting dozens of British National Health Service hospitals and other institutions.

According to security company TrapX, the health care sector has become one of the most threatened industries when it comes to malware, cyberattacks et cetera. It is under attack more these days than are industries such as financials and retailing. A good example of this threat was a new version of the old malware worm Conficker that last year specifically targeted connected medical equipment. A lot of connected equipment in for example hospitals have low levels of security, TrapX stated.